Vulnerabilities > Jtekt

DATE CVE VULNERABILITY TITLE RISK
2023-02-13 CVE-2023-22353 Out-of-bounds Read vulnerability in Jtekt Screen Creator Advance 2 0.1.1.4
Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing control management information.
local
low complexity
jtekt CWE-125
7.8
2023-02-13 CVE-2023-22360 Use After Free vulnerability in Jtekt Screen Creator Advance 2 0.1.1.4
Use-after free vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier due to lack of error handling process even when an error was detected.
local
low complexity
jtekt CWE-416
7.8
2022-07-26 CVE-2022-29951 Missing Authentication for Critical Function vulnerability in Jtekt products
JTEKT TOYOPUC PLCs through 2022-04-29 mishandle authentication.
network
low complexity
jtekt CWE-306
critical
9.1
2022-07-26 CVE-2022-29958 Insufficient Verification of Data Authenticity vulnerability in Jtekt products
JTEKT TOYOPUC PLCs through 2022-04-29 do not ensure data integrity.
network
low complexity
jtekt CWE-345
critical
9.8
2021-09-10 CVE-2021-33011 Allocation of Resources Without Limits or Throttling vulnerability in Jtekt products
All versions of the afffected TOYOPUC-PC10 Series,TOYOPUC-Plus Series,TOYOPUC-PC3J/PC2J Series, TOYOPUC-Nano Series products may not be able to properly process an ICMP flood, which may allow an attacker to deny Ethernet communications between affected devices.
low complexity
jtekt CWE-770
4.3
2021-07-01 CVE-2021-27477 Out-of-bounds Write vulnerability in Jtekt products
When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 2PORT-EFR, Plus CPU, Plus EX, Plus EX2, Plus EFR, Plus EFR2, Plus 2P-EFR, PC10P-DP, PC10P-DP-IO, Plus BUS-EX, Nano 10GX, Nano 2ET,PC10PE, PC10PE-16/16P, PC10E, FL/ET-T-V2H, PC10B,PC10B-P, Nano CPU, PC10P, and PC10GE receive an invalid frame, the outside area of a receive buffer for FL-net are overwritten.
network
low complexity
jtekt CWE-787
7.5
2021-04-19 CVE-2021-27458 Improper Resource Shutdown or Release vulnerability in Jtekt products
If Ethernet communication of the JTEKT Corporation TOYOPUC product series’ (TOYOPUC-PC10 Series: PC10G-CPU TCC-6353: All versions, PC10GE TCC-6464: All versions, PC10P TCC-6372: All versions, PC10P-DP TCC-6726: All versions, PC10P-DP-IO TCC-6752: All versions, PC10B-P TCC-6373: All versions, PC10B TCC-1021: All versions, PC10B-E/C TCU-6521: All versions, PC10E TCC-4737: All versions; TOYOPUC-Plus Series: Plus CPU TCC-6740: All versions, Plus EX TCU-6741: All versions, Plus EX2 TCU-6858: All versions, Plus EFR TCU-6743: All versions, Plus EFR2 TCU-6859: All versions, Plus 2P-EFR TCU-6929: All versions, Plus BUS-EX TCU-6900: All versions; TOYOPUC-PC3J/PC2J Series: FL/ET-T-V2H THU-6289: All versions, 2PORT-EFR THU-6404: All versions) are left in an open state by an attacker, Ethernet communications cannot be established with other devices, depending on the settings of the link parameters.
network
low complexity
jtekt CWE-404
7.5